<?php
/*
 *      This program is free software; you can redistribute it and/or modify
 *      it under the terms of the GNU General Public License as published by
 *      the Free Software Foundation; either version 2 of the License, or
 *      (at your option) any later version.
 *      
 *      This program is distributed in the hope that it will be useful,
 *      but WITHOUT ANY WARRANTY; without even the implied warranty of
 *      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *      GNU General Public License for more details.
 *      
 *      You should have received a copy of the GNU General Public License
 *      along with this program; if not, write to the Free Software
 *      Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 *      MA 02110-1301, USA.
 */
/*
		Vulnerabilidad de Directory Path Traversal
			· Nivel de seguridad bajo
			· Nivel de seguridad medio
			· Nivel de seguridad alto
*/

/*
	TODO escribir el mensaje de explicación
*/

if(isset($_GET['recurso']))
	require $_GET['recurso'];
	else
		echo "<html><head><body><form name=\"dpt\" action=\"#\" method=\"GET\"><input type=\"text\" name=\"recurso\" value=\"texto.txt\"><input type=\"submit\" value=\"submit\"></form></form></body></head></html>";

?>
